Ushering in a New Era of Extreme Private Networking and Evolved Financial Extranets

Private networks connecting communities of interest and commerce are not new.

As IP networking took off thirty years ago, and more high-speed connectivity became available around the world, financial institutions began to move their traffic off of complex, expensive circuit-based networks on to Internet Protocol private networks, made possible with technologies including Multiprotocol Label Switching (MPLS), a routing technique in telecom networks that directs data from one node to the next based on short path labels rather than long network addresses, avoiding complex lookups in a routing table and speeding traffic flows.

MPLS today is still part of the fabric of financial community connectivity but is in many cases being displaced by SD-WAN, an acronym for software-defined networking in a wide area network. SD-WAN simplifies the management and operation of a WAN by decoupling the networking hardware from its control mechanism and is part of a much larger trend toward virtualized and software-defined networking.

Beyond SD-WAN, visionaries in the financial connectivity services industry are now turning to Secure Access Service Edge (SASE) approaches. Pronounced as "Sassy," Gartner (News - Alert) created a new category by introducing this architecture in mid-2019, and since then, entirely new offerings have been created by many of the largest tech companies, including VMWare, ZScaler, AT&T (News - Alert), and more.

"Instead of the security perimeter being entombed in a box at the data center edge, the perimeter is now everywhere an enterprise needs it to be — a dynamically created, policy-based secure access service edge," wrote Lawrence Orans, Joe Skorupa, and Neil MacDonald in Gartner's "The Future of Network Security is in the Cloud."

Extranet services offer a combination of speed, security, performance, and more efficient access to market data providers and trading counterparties, eliminating expensive point-to-point networks and instead leveraging the benefits of routing across IP networks, including in some cases, the public Internet.

Through a single private connection, extranets link international financial service institutions and their vendors and service providers, enabling them to seamlessly communicate, transact, receive and distribute information. Banks, brokers, exchanges, clearinghouses, vendors, application providers, integrators, market infrastructures, and more can access the world's financial centers over a dependable, high-speed network.

How can an extranet be truly private and secure if traffic traverses the public Internet?

We asked Christopher Swan, Chief Revenue Officer at Dispersive, a company that pioneered SASE networking and has earned nearly forty US patents for their unique approach to session management, to share his vision for modern financial extranet models.

"Dispersive is the underlying networking innovation powering a global financial extranet today, connecting multiple trading partners and service providers," Swan said. "Maximizing agility without compromising security, with our SASE approach, we are moving firms away from costly and inflexible virtual private networks (VPNs) with virtual networking that's flexible enough to move at the speed of the financial markets, providing zero trust security without degrading performance."

The financial services community is arguably the most connected industry in the world, with the largest IT and telecom spend and the most to gain or lose when the performance and security of networks are in play.

"We first saw the Extranet model surface back in the 1990s when the Internet, which was largely used by the academic, government and research communities, entered into more commercial territory and made new ways to connect, communicate, trade, settle, make payments and otherwise conduct financial transactions easier to do," Swan explained. "The Internet was at that time and remains today the largest, most pervasive, resilient and efficient network in the world, and while the Arpanet-inspired early version is dwarfed by the size of today's Internet, it could not be ignored."

Telecom companies scrambled to respond and began working with the financial industry to build new access networks making it possible to connect to the Internet and begin replacing "pinned down circuits" and other physically connected end-to-end networks with Internet protocol versions, as "virtualized" networking was born.

"It wasn't easy," Swan said. "It took a huge amount of collaboration and investment in all layers of the OSI stack, including installing millions of miles of fiber optic cables, on land and under the sea – but the economics were too compelling to ignore."

Financial extranets have become a fundamental component of the business done by buy-side and sell-side firms, providing access to a service or liquidity pool no matter where it is hosted. In cases where the network provider has a point of presence in a data center and provides connectivity between multiple data center, banks and their market data and news providers, for example, can take advantage of that infrastructure to have one integrated and centrally managed connectivity solution.

"Extranets are poised for even more growth in 2021 given the massive growth of FinTech and RegTech, and the digital transformation of banks and other financial companies," Swan said. "By applying IP overlay technologies which are levels up from what we had available in the past, using software and encryption, and session splitting techniques to protect data at rest and in motion, we are dramatically improving the economics and lowering the risk of attacks, without compromising speed."

Swan shared a few predictions for 2021 in the world of financial extranets based on what he has been seeing, experiencing, discussing with clients and partners, and continuing to develop in their Atlanta-based lab.

"Best efforts will no longer good enough, and next-generation Extranets will have to be not just near real-time but real-time with millisecond speed," Swan said. "Regulators will continue to tighten rules regarding fairness so visibility into the transactions occurring on extranets will drive increasingly sophisticated monitoring and management capabilities, and security will become more important as cyberattacks become more sophisticated, including those launched by adversarial, well-organized entities, many who are spending more on figuring out how to attack networks and systems."

Swan is witnessing more collaborative efforts and new industry standards being set as the benefits of extranets become even more relevant with the growth of new payments and other transaction types, including smart contracts and blockchain-related services.

"Mobile applications will change the way more 'connect anywhere and everywhere' extranets will operate, and with 5G being installed in all the major financial hubs, financial professionals will be able to carry with them the same ultra-fast and ultra-secure applications in their pockets," Swan said and being able to manage every type of device, whether a smartphone or laptop, server or database, network operations console and virtually anything connected to the private, logical network is what is driving the SASE revolution.

"Extranets will be spun up more quickly than ever, and with more advanced virtualization and cloudification of networking, highly specialized extranets will grow, connecting certain classes of securities, for example," Swan explained.

The next generation of financial extranets will be part of the rapid advancement of mission-critical and "programmable" networks designed for the Exabyte era. The massive growth of data and storage, the move to cloud and now edge computing, and the new way next-generation professionals will work not just in 2021 but in 2031 "are pushing the limits again, spurring investment and innovation and contributing to the next level Internet made extra special with new software solutions, session splitting, and security built into the network which is where Dispersive shines."